How do I create an AWS S3 bucket with logging enabled?
To create an AWS S3 bucket with logging enabled, you’ll need to define the source bucket (which will have the logs collected) and the target bucket (which will store the logs). Here’s a step-by-step breakdown:
- Define the Source Bucket: This is the bucket where you want to collect logs.
- Define the Target Bucket: This bucket will store the logs from the source bucket.
- Set Up Bucket Logging: Configure the source bucket to log to the target bucket.
Below is the program that accomplishes this:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Define the target bucket that will store the logs
const logBucket = new aws.s3.BucketV2("log_bucket", {
bucket: "my-log-bucket",
versionings: [{
enabled: true,
}],
});
// Define the source bucket that will have logs collected
const sourceBucket = new aws.s3.BucketV2("source_bucket", {
bucket: "my-source-bucket",
versionings: [{
enabled: true,
}],
loggings: [{
targetBucket: logBucket.id,
targetPrefix: "log/",
}],
policy: pulumi.interpolate`{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::${logBucket.bucket}/*"
}
]
}
`,
});
export const sourceBucketName = sourceBucket.bucket;
export const logBucketName = logBucket.bucket;
This program configures two S3 buckets: one for storing logs (my-log-bucket
) and another that collects logs (my-source-bucket
). The logging settings ensure that access logs from my-source-bucket
are stored in my-log-bucket
. Policies are set up to allow the source bucket to write logs to the log bucket. The stack outputs the names of the created buckets for verification.
In summary, we’ve set up an S3 bucket with logging enabled to another S3 bucket, and configured the necessary permissions to ensure logs are written correctly.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.